Application layer
I. Network applications
1. Client-server architecture
server:
- always-on host
- permanent IP address
- data centers for scaling
clients:
- communicate with server
- may be intermittently connected
- may have dynamic IP addresses
- do not communicate directly with each other
2. P2P architecture
- no always-on server
- The application communicates directly between intermittently connected hosts, called peers; peers can communicate with each other without going through a dedicated server.
- peers request service from other peers, provide service in return to other peers
- self scalability – new peers bring new service capacity, as well as new service demands
- peers are intermittently connected and change IP addresses
II. Processes communicating
In computer networking, an application program running on a host is called a process.
inter-process communication
- communication between processes within one host is controlled by the operating system
client process:
- process that initiates communication
server process:
- process that waits to be contacted
processes in different hosts communicate by exchanging messages
Communication between two hosts is really communication between two processes.
III. Sockets
process sends/receives messages to/from its socket
to receive messages, a process must have an identifier; the identifier includes both the IP address and the port number
IV. App-layer protocols
1. Services provided
data integrity
- some apps require 100% reliable data transfer
timing
- some apps require low delay to be “effective”
throughput (bandwidth)
- some apps require minimum amount of throughput to be “effective”
security
2. Internet transport protocol services
Transport-layer protocols
TCP
- reliable transport
- flow control
- congestion control
- connection-oriented
- does not provide timing or security services
UDP
- unreliable data transfer
Protocols used by major applications:
Securing TCP
SSL (Secure Sockets Layer) sits between the application layer and the socket layer and provides something like an encrypted HTTP connection
- provides encrypted TCP connection
- data integrity checks
- end-point authentication
V. Web and HTTP
Web
1. a web page consists of objects
2. a web page consists of a base HTML file which includes several referenced objects
3. each object is addressable by a URL (Uniform Resource Locator)
HTTP
client/server model
non-persistent HTTP
- at most one object sent over TCP connection
persistent HTTP
- multiple objects can be sent over single TCP connection
More on persistent and non-persistent connections can be found in this article:
https://blog.csdn.net/u011954647/article/details/45285867
1. Non-persistent HTTP:
RTT (round-trip time): time for a small packet to travel from client to server and back
non-persistent HTTP response time = 2RTT + file transmission time
browsers often open parallel TCP connections to fetch referenced objects
2. Persistent HTTP:
server leaves connection open after sending response
persistent HTTP response time = RTT + file transmission time
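3. HTTP request message
request line (GET/POST)
header lines
\r\n: every line must end with a line break
Accept: the types of file the server may send
User-Agent: browser version
Keep-Alive: how long the connection is kept open
Connection
POST parameters usually go in the entity body
GET parameters usually go in the URL, after the ?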
4. HTTP methods
- GET: parameters usually go in the URL, after the ?
- POST: parameters usually go in the entity body
- HEAD
- PUT: uploads file in entity body to path specified in URL field
- DELETE: deletes file specified in the URL field
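A small parser for the request message layout described above, showing where GET and POST parameters end up. This is an added example, not part of the original notes; the function name `parse_request` and both sample messages are constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qs

def parse_request(raw: bytes) -> dict:
    """Split an HTTP/1.1 request into request line, header lines and parameters."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:  # header section must end with an empty CRLF line
        raise ValueError("header section is not terminated by CRLF CRLF")
    lines = head.decode("iso-8859-1").split("\r\n")
    parts = lines[0].split(" ")
    if len(parts) != 3:
        raise ValueError("request line must be: method SP URL SP version")
    method, target, version = parts
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        # Reject missing colon or whitespace around the field name: lenient
        # parsing here is how front end and back end come to disagree.
        if not colon or not name or name != name.strip():
            raise ValueError(f"malformed header line: {line!r}")
        headers[name.lower()] = value.strip()
    url = urlsplit(target)
    params = {"url": parse_qs(url.query), "body": {}}
    ctype = headers.get("content-type", "")
    if method == "POST" and ctype.startswith("application/x-www-form-urlencoded"):
        if int(headers.get("content-length", "0")) != len(body):
            raise ValueError("Content-Length does not match the entity body")
        params["body"] = parse_qs(body.decode("ascii"))
    return {"method": method, "path": url.path, "version": version,
            "headers": headers, "params": params}

# Constructed sample messages (not captured traffic)
GET_SAMPLE = (b"GET /search?q=dns&page=2 HTTP/1.1\r\n"
              b"Host: www.example.com\r\n"
              b"User-Agent: demo/1.0\r\n"
              b"Connection: keep-alive\r\n\r\n")
POST_SAMPLE = (b"POST /login HTTP/1.1\r\n"
               b"Host: www.example.com\r\n"
               b"Content-Type: application/x-www-form-urlencoded\r\n"
               b"Content-Length: 19\r\n\r\n"
               b"user=alice&pin=1234")
```

GET parameters are part of the URL and therefore show up wherever URLs are recorded (access logs, browser history), while POST parameters travel in the entity body.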
5. HTTP response message
Last-Modified: time the returned object was last modified
Accept-Ranges: the range type accepted
Content-Length: number of bytes
Content-Type: type of the returned content
6. HTTP status codes
200 OK
- request succeeded, requested object later in this msg
301 Moved Permanently
- requested object moved, new location specified later in this msg (Location:)
400 Bad Request
- request msg not understood by server
404 Not Found
- requested document not found on this server
505 HTTP Version Not Supported
- the server does not support the HTTP version used in the request
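7. Cookies
Stored in the current browser
Four components:
- cookie header line of HTTP response message
- cookie header line in next HTTP request message
- cookie file kept on user’s host, managed by user’s browser
- back-end database at Web site
Uses:
- user session state: the user is identified by an ID, which keeps the connection state
- authorization (identity authentication)
- shopping carts
- recommendations: browsing history, targeted product or ad recommendations
8. Session:
A detailed analysis of sessions can be found in these two articles:
https://blog.csdn.net/weixin_42217767/article/details/92760353
https://www.iteye.com/blog/justsee-1570652
Connection-oriented: the two parties set up a communication channel before they communicate
Stateful: one party can associate a series of messages with each other, so that messages can depend on one another
A series of state information can be recorded
Sessions and cookies serve the same purpose. The difference is that a session is recorded on the server, while a cookie is recorded on the client.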
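The four cookie components and the server-side session, put together in one runnable sketch. This is an added example, not part of the original notes; `SESSIONS`, `handle` and `Browser` are hypothetical names, and the cookie attributes (HttpOnly, Secure, SameSite) are additions the notes do not mention.

```python
import secrets
from http.cookies import SimpleCookie

SESSIONS = {}   # back-end store at the web site: session id -> server-side state

def handle(request_headers, add_item=None):
    """Serve one request; return (response_headers, cart). State stays on the server."""
    jar = SimpleCookie(request_headers.get("Cookie", ""))
    sid = jar["sid"].value if "sid" in jar else None
    response_headers = {}
    if sid not in SESSIONS:                  # no cookie, or an id this site never issued
        sid = secrets.token_urlsafe(32)      # unguessable identifier, carries no data
        SESSIONS[sid] = {"cart": []}
        out = SimpleCookie()
        out["sid"] = sid
        out["sid"]["path"] = "/"
        out["sid"]["httponly"] = True        # not readable from page scripts
        out["sid"]["secure"] = True          # only sent over encrypted connections
        out["sid"]["samesite"] = "Lax"
        response_headers["Set-Cookie"] = out["sid"].OutputString()
    if add_item:
        SESSIONS[sid]["cart"].append(add_item)
    return response_headers, list(SESSIONS[sid]["cart"])

class Browser:
    """Cookie file on the user's host: it holds only the opaque id."""
    def __init__(self):
        self.cookie = None

    def request(self, add_item=None):
        headers = {"Cookie": self.cookie} if self.cookie else {}
        resp, cart = handle(headers, add_item)
        if "Set-Cookie" in resp:             # keep name=value, drop the attributes
            self.cookie = resp["Set-Cookie"].split(";", 1)[0]
        return resp, cart
```

An id the server did not issue is never adopted: the request simply gets a fresh, empty session.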
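9. Proxy server
Goal: satisfy client request without involving origin server
10. Cache
Goals:
- reduce response time
- reduce traffic on access link
- enables “poor” content providers to effectively deliver content
Setting up a proxy server inside the internal network reduces response time, reduces access traffic, and lets content be delivered more effectively.
A caching proxy server stores some data from outside servers. A client can send its request to the proxy first, and if the object is found there the request does not go out to the external network.
How do we make sure the copy cached on the proxy server is up to date?
11. Conditional GET
- (1) the request message uses the GET method
- (2) the request message includes an If-Modified-Since header line
specify date of cached copy in HTTP request
If the object has not been modified since that date, the server returns “304 Not Modified”.
If the object has been modified after that date, the server returns 200 along with the object.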
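The conditional GET exchange between a caching proxy and an origin server, as an added example that is not part of the original notes. `Origin`, `CachingProxy` and `demo` are hypothetical names, and the object and dates are constructed.

```python
from datetime import datetime, timezone
from email.utils import format_datetime, parsedate_to_datetime

class Origin:
    """Toy origin server holding one object and its last-modified time (UTC)."""
    def __init__(self, body, modified):
        self.body, self.modified, self.full_responses = body, modified, 0

    def get(self, headers):
        since = None
        try:
            if "If-Modified-Since" in headers:
                since = parsedate_to_datetime(headers["If-Modified-Since"])
        except (TypeError, ValueError):
            since = None                 # unparseable date: ignore the condition
        if since is not None and since.tzinfo is not None and self.modified <= since:
            return 304, {}, b""          # cached copy is current, no object sent
        self.full_responses += 1
        stamp = format_datetime(self.modified, usegmt=True)
        return 200, {"Last-Modified": stamp}, self.body

class CachingProxy:
    def __init__(self, origin):
        self.origin, self.cache = origin, {}   # url -> (Last-Modified, body)

    def fetch(self, url):
        headers = {}
        if url in self.cache:            # revalidate instead of trusting the copy
            headers["If-Modified-Since"] = self.cache[url][0]
        status, resp, body = self.origin.get(headers)
        if status == 304:
            return self.cache[url][1], "revalidated"
        self.cache[url] = (resp["Last-Modified"], body)
        return body, "fetched"

def demo():
    origin = Origin(b"v1", datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc))
    proxy = CachingProxy(origin)
    log = [proxy.fetch("/index.html"), proxy.fetch("/index.html")]
    # The object changes on the origin; the next revalidation must pick it up.
    origin.body = b"v2"
    origin.modified = datetime(2024, 1, 2, 8, 0, tzinfo=timezone.utc)
    log.append(proxy.fetch("/index.html"))
    return log, origin.full_responses
```

A malformed If-Modified-Since value is ignored and answered with a full 200 response, so a bad date can never pin a stale copy in the cache.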
VI. Electronic mail
1. Three major components:
1. user agents
2. mail servers
3. transfer protocol: SMTP
2. SMTP
uses TCP to reliably transfer email message from client to server, port 25
3. Mail message format
4. Mail access protocols
a. POP3
Authorization commands:
Transaction commands:
“download and delete” mode:
“download-and-keep” mode:
b. IMAP
VII. Domain Name System (DNS)
1. Services and structure
DNS services:
- hostname to IP address translation
- mail server aliasing
- load distribution
- host aliasing
Q: why not centralize DNS?
A: 1. single point of failure
2. traffic volume
3. distant centralized database
4. maintenance
doesn’t scale
DNS structure
root name servers
- contacts authoritative name server if name mapping not known
- gets mapping
- returns mapping to local name server
top-level domain servers (TLD)
- responsible for com, org, net, edu, aero, jobs, museums, and all top-level country domains, e.g.: uk, fr, ca, jp
- Network Solutions maintains servers for .com TLD
- Educause for .edu TLD
authoritative DNS servers
Local DNS name server
iterated query:
recursive query:
- the root server has to keep the connection session
DNS caching
DNS protocol and messages
query and reply messages, both with same message format
Registering a domain name
Attacks on DNS name servers
DDoS attacks
Redirect attacks
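VIII. P2P applications
Characteristics:
- no always-on server
- arbitrary end systems directly communicate
- peers are intermittently connected and change IP addresses
Compared with the client-server model, in P2P the file only has to be uploaded once for every client to be able to download it.
P2P:
C-S: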